Update Firefox 131 now to patch a critical zero-day security flaw --[Reported by Umva mag]

Yesterday, Mozilla released the Firefox 131.0.2 update in response to reports that Firefox users are actively being hit by a zero-day vulnerability in the browser. Surprisingly, this is the first zero-day vulnerability discovered in Firefox this year. In Mozilla’s Security Advisory report for the update, the fixed security flaw is listed as CVE-2024-9680, which is a use-after-free (UAF) vulnerability in CSS animations. An attacker who exploits this vulnerability can inject and execute arbitrary malicious code. ESET researcher Damien Schaeffer found the zero-day vulnerability, but Mozilla is keeping a lid on details about the attacks and how widespread they are. Firefox usually loads updates automatically and installs them when the browser is restarted. If you haven’t updated to 131.0.2 yet, you can use the Help > About Firefox menu to initiate an update check and download the update manually. Mozilla also released security updates for the two ESR (Extended Support Release) editions of Firefox as well as the Tor Browser: versions Firefox ESR 115.16.1, Firefox ESR 128.3.1, and Tor Browser 13.5.7. Firefox ESR 115 will continue to be provided with security updates until March 2025 at least, which is the only option for users on outdated versions of Windows and macOS. If you’re on a modern OS version, you’ll get Firefox ESR 128 if you’ve opted for the more-stable ESR branch. The updated Tor Browser remains based on Firefox ESR 115.16, but Tor developers have backported the fix against CVE-2024-9680 from Firefox 131.0.2 without waiting for an ESR update. This means the Tor Browser is also secure after the update has been installed. Tip: Don’t just keep your software up to date. For the broadest PC security protections, you should be running reputable antivirus software. Check out our best antivirus software picks if you need one.

Oct 10, 2024 - 15:48

Update Firefox 131 now to patch a critical zero-day security flaw --[Reported by Umva mag]

Yesterday, Mozilla released the Firefox 131.0.2 update in response to reports that Firefox users are actively being hit by a zero-day vulnerability in the browser. Surprisingly, this is the first zero-day vulnerability discovered in Firefox this year.

In Mozilla’s Security Advisory report for the update, the fixed security flaw is listed as CVE-2024-9680, which is a use-after-free (UAF) vulnerability in CSS animations. An attacker who exploits this vulnerability can inject and execute arbitrary malicious code. ESET researcher Damien Schaeffer found the zero-day vulnerability, but Mozilla is keeping a lid on details about the attacks and how widespread they are.

Firefox usually loads updates automatically and installs them when the browser is restarted. If you haven’t updated to 131.0.2 yet, you can use the Help > About Firefox menu to initiate an update check and download the update manually.

Mozilla also released security updates for the two ESR (Extended Support Release) editions of Firefox as well as the Tor Browser: versions Firefox ESR 115.16.1, Firefox ESR 128.3.1, and Tor Browser 13.5.7.

Firefox ESR 115 will continue to be provided with security updates until March 2025 at least, which is the only option for users on outdated versions of Windows and macOS. If you’re on a modern OS version, you’ll get Firefox ESR 128 if you’ve opted for the more-stable ESR branch.

The updated Tor Browser remains based on Firefox ESR 115.16, but Tor developers have backported the fix against CVE-2024-9680 from Firefox 131.0.2 without waiting for an ESR update. This means the Tor Browser is also secure after the update has been installed.

Tip: Don’t just keep your software up to date. For the broadest PC security protections, you should be running reputable antivirus software. Check out our best antivirus software picks if you need one.

The following news has been carefully analyzed, curated, and compiled by Umva Mag from a diverse range of people, sources, and reputable platforms. Our editorial team strives to ensure the accuracy and reliability of the information we provide. By combining insights from multiple perspectives, we aim to offer a well-rounded and comprehensive understanding of the events and stories that shape our world. Umva Mag values transparency, accountability, and journalistic integrity, ensuring that each piece of content is delivered with the utmost professionalism.

Update Firefox 131 now to patch a critical zero-day security flaw --[Reported by Umva mag]

Tags:

Related Posts

Popular Posts

Live Footbal

Popular Tags